Main Site Documentation

Updating ssl seed in code


#1

Hi.

Follow up on this thread: https://www.ghielectronics.com/community/forum/topic?id=6261
Is it possible to update the ssl seed manually in code in .net mf 4.2?


#2

It is NOT easy :))


#3

I think Microsoft did not add it because you can’t generate a good random number. You guys can always add this to codeplex.


#4

Don’t the crypto processors in the STM32 hardware provide strong random number generators?


#5

But that would be only on STM32.


#6

Do the G120 and G400 not have similar hardware? Or is it only an STM32 thing?

Either way, it’s something the could definitely be in the NETMF core, since nowadays pretty much the only common non-commercial NETMF firmwares are for STM32. If not that, then the STM32 port could use it.


#7

I didn’t see anything in the G120 or G400 that supports hardware random number generation or encryption. However, the G400 processor (Atmel SAM9X35) I believe is capable of running Linux, how would that OS handle this issue?


#8

So there is no way to use ssl and at the same time have support for OTAU upgrade of the firmware at this moment?


#9

@ andre.m
(Created my own account)

Sorry, used the wrong term. (OTAU = Over The Air Upgrade).

In our case we have our emx:s at our customers homes so we do not have the possibility to use fezconfig.

When updating the ssl seed, where does the information get stored? Is it somehow written to the config file?


#10

@ andre.m

In the post I linked to it is confirmed that the ssl seed is stored in the config. The post also suggests to leave out the config in order to not delete the seed but that seems to cause other problems…